213 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986403)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986403 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifsgetroot When cifsgetroot fails during...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414511)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414511 advisory. A denial of service DOS issue was found in the Linux kernels smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrec...
PT-2025-40756
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a folio lock is leaked when fscache is in use and a cache hit occurs during a read operation. This occurs because the cifs readpage worker functi...
EUVD-2025-30362
Malicious code in bioql PyPI...
EUVD-2022-55373
Malicious code in bioql PyPI...
EUVD-2022-55611
Malicious code in bioql PyPI...
EUVD-2025-27882
Malicious code in bioql PyPI...
CVE-2022-50460
The CVE-2022-50460 issue is in the Linux kernel CIFS logic: an xid leak in cifs_flock() when flock is used can leak xid on early return (-ENOLCK). Multiple connected advisories (Astra Linux, Unity Linux, EulerOS, SUSE) cite the same description and confirm a fix in the kernel. The vulnerability i...
CVE-2025-39838 cifs: prevent NULL pointer dereference in UTF16 conversion
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to cifssfumakenode without checks, which passes it unchecked to cifsstrnduptoutf16, which in turn passes ...
CVE-2025-39838
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to cifssfumakenode without checks, which passes it unchecked to cifsstrnduptoutf16, which in turn passes ...
PT-2025-38545
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where a NULL pointer dereference can occur during UTF16 conversion within the CIFS implementation. Specifically, a NULL pointer can be passed to the cifs...
SUSE CVE-2023-53377
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...
UBUNTU-CVE-2023-53377
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...
PT-2025-38446
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5+ 82 Description A use-after-free UAF issue exists in the CIFS implementation of the Linux kernel. Specifically, the issue occurs when destroying the Message Response MR list. If MR allocation fails, the...
SUSE CVE-2022-50351
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscreate If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked...
CVE-2022-50372
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xffff888166059600 size 448: comm "mount.cifs", pid 51391, jiffies 4295596373 age 330.596s hex dump first ...
CVE-2022-50372 cifs: Fix memory leak when build ntlmssp negotiate blob failed
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xffff888166059600 size 448: comm "mount.cifs", pid 51391, jiffies 4295596373 age 330.596s hex dump first ...
CVE-2022-50341 cifs: fix oops during encryption
In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...
PT-2025-38020
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s CIFS implementation within the cifs create function. If CIFS shuts down, the transaction ID xid is not freed before returning, leading to an xid lea...
Linux Distros Unpatched Vulnerability : CVE-2023-53246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: fix DFS traversal oops without CONFIGCIFSDFSUPCALL When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. cifs.ko logic for mapping...